Minimize your PCI DSS Requirements
and Fraud Exposure with Tokenization
For companies that process online credit card payments, the threat of a data breach keeps many managers awake at night. With the overall number of breaches on the rise and pressure from regulators and consumers to enforce better protections for credit card information, businesses are racing to implement stronger security measures. Online credit card processing has two main points of vulnerability: at time of checkout, when cardholder data is being transmitted across the Internet, and when cardholder data is stored for repeat or recurring transactions.
The NETBANX payment gateway offers one of the most effective means of reducing the risk of compromises by using tokenization to protect cardholder data. Through tokenization, credit card numbers are replaced with a randomly generated series of numbers and letters called “tokens,” which are useless to hackers as they cannot be used to make fraudulent purchases. NETBANX tokenization can be implemented for all online businesses and significantly reduces PCI-DSS compliance liability.
Using Tokenization with the NETBANX Secure Checkout Hosted Payment Page
The NETBANXs “Secure Check-out Hosted Payment Page” is integrated directly to a website using an XML API and can significantly reduce an online merchants’ PCI-DSS compliance liability by outsourcing the processing, transmission and storage of cardholder data to the NETBANX gateway. When customers make a purchase from a merchant’s website and enter their payment information into the merchant’s check-out page, they are actually entering the cardholder data into an iFrame that connects to the NETBANX gateway.
Once the purchase is completed, the credit card data is transmitted to the gateway for processing through the merchant’s acquiring bank. This significantly reduces a merchant’s PCI-DSS compliance liability in that customers are not entering cardholder data on their website and the data cannot be intercepted by hackers.
When the transaction is processed by NETBANX, a token is automatically generated and returned to the merchant for future reference. This token is associated to the credit card number used during the transaction. For subsequent transactions, the merchant can process a new transaction by referencing the token and NETBANX’s gateway will process the charge on the credit card associated to the token. The gateway stores the actual credit card data in a Level 1 compliant environment for processing but only displays the token for anyone accessing the gateway back-office to view the transaction details.
Every payment processing function previously operated by the merchant on a credit card number can now be performed by using the token information such as issuing a refund without having to manipulate credit card information.
- The merchant accepts the credit card payment for a purchase and transmits it for processing using Secure Checkout Hosted Payment Page.
- The NETBANX gateway accepts the data and generates a token in association with that credit card number.
- The token is stored in the NETBANX gateway and displayed in the customer profile for transaction tracking and reporting instead of the entire credit card number.
- If required, the token is returned to the merchant for storing in their customer account profile.
- For a repeat or recurring transaction, the merchant submits the stored token for processing using the token rather than the credit card number.